RepoMirrors
/
kpatch
mirror of https://github.com/dynup/kpatch
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1263 from anatasluo/master 

kpatch-build: add support for openEuler
This commit is contained in:
Joe Lawrence 2022-05-13 10:00:22 -04:00 committed by GitHub
parent f6e0142b3c e680087567
commit 6a0dcb0da8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 144 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

110
doc/INSTALL.md
View File

@ -12,6 +12,7 @@ Table of contents
- [Debian 8 (Jessie)](#debian-8-jessie) - [Debian 8 (Jessie)](#debian-8-jessie)
- [Debian 7 (Lenny)](#debian-7-lenny) - [Debian 7 (Lenny)](#debian-7-lenny)
- [Gentoo](#gentoo) - [Gentoo](#gentoo)
- [OpenEuler](#openeuler)
- [Build](#build) - [Build](#build)
- [Install](#install) - [Install](#install)
@ -187,6 +188,115 @@ Configure ccache:
ccache --max-size=5G ccache --max-size=5G
``` ```
### OpenEuler
*ATTENTION: openEuler maintains its own version of kpatch which work with its
own kernel. You can check this [link](https://gitee.com/src-openeuler/kpatch)
to see its documents. This document describes how to run mainline kpatch in openEuler.*
*NOTE: You'll need about 15GB of free disk space for the kpatch-build cache in
`~/.kpatch` and for ccache.*
Install the dependencies for compiling kpatch and running kpatch-build:
```bash
source test/integration/lib.sh
# Will request root privileges
kpatch_dependencies
```
Before running kpatch-build, two more things need to be checked:
-------
1. Ensure current kernel compiled with *CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY* set
openEuler has two strategies to apply kernel live patches and it is decided at compile time.
When CONFIG_LIVEPATCH_STOP_MACHINE_CONSISTENCY set, openEuler uses its own strategy.
When CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY set, openEuler uses the conventional strategy.
Only one config option can take effect at the same time.
A [chinese blog](https://www.modb.pro/db/232858) written by the openEuler official describes
their modifications for kernel livepatch. The main difference is CONFIG_LIVEPATCH_STOP_MACHINE_CONSISTENCY
will disable the usage of ftrace handler in livepatch, they believe it will be faster.
Check whether your current kernel compiled with *CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY*
```bash
grep "CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY" /boot/config-$(uname -r)
```
If you see any output, it means your kernel satisfies, you can go directly to check step 2.
If not, then you need to recompile your current kernel with CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY set.
You can reference the following steps to recompile the kernel if needed
1. download source code of the current kernel
```bash
# set working directories
TEMPDIR=~/.tmp
mkdir -p $TEMPDIR
mkdir -p $TEMPDIR/buildroot
# download kernel source rpm package
yumdownloader --source --destdir "$TEMPDIR" kernel-$(uname -r)
# obtain source code from package
rpm -D "_topdir $TEMPDIR/buildroot" -ivh $TEMPDIR/kernel-*.src.rpm
rpmbuild -D "_topdir $TEMPDIR/buildroot" -bp --nodeps --target=$(uname -m) $TEMPDIR/buildroot/SPECS/kernel.spec
# check source code and copy config file
cd $TEMPDIR/buildroot/BUILD/kernel-*/linux-*[sS]ource
cp /boot/config-$(uname -r) .config
```
2. set CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY
```bash
make menuconfig
```
select order
-> Processor type and features
-> Enable Livepatch
-> Kernel Live Patching
-> live patching method
choose
> based on ftrace
After this step, you shoud see CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY in .config file
3. recompile kernel and install it to your running environment.
Just to remind, after installing the recompiled kernel, the config file should also be updated.
2. Ensure */update/source* is in the rpm repo lists
openEuler releases its source rpm package of the kernel in two places.
One is /source and it is included in rpm repo lists by default.
One is /update/source and it may not be included it in some release versions.
```bash
grep "/update/source" /etc/yum.repos.d/openEuler.repo
```
If you can't see any output, add it to the end of /etc/yum.repos.d/openEuler.repo
For example, if you use openEuler 21.09, you will add something like:
```
[update-source]
name=update-source
baseurl=https://repo.openeuler.org/openEuler-21.09/update/source/
enabled=1
gpgcheck=0
```
*baseurl* is releated with your release version, be careful please!
Goto [openEuler repo](https://repo.openeuler.org/), find your own suitable baseurl.
Build Build
----- -----

25
kpatch-build/kpatch-build
View File

@ -735,9 +735,13 @@ elif [[ -e "$KERNEL_SRCDIR"/.config ]] && [[ -e "$VERSIONFILE" ]] && [[ "$(cat "
echo "Using cache at $KERNEL_SRCDIR" echo "Using cache at $KERNEL_SRCDIR"
else else
if [[ "$DISTRO" = fedora ]] || [[ "$DISTRO" = rhel ]] || [[ "$DISTRO" = ol ]] || [[ "$DISTRO" = centos ]]; then if [[ "$DISTRO" = fedora ]] || [[ "$DISTRO" = rhel ]] || [[ "$DISTRO" = ol ]] || [[ "$DISTRO" = centos ]] || [[ "$DISTRO" = openEuler ]]; then
echo "Fedora/Red Hat distribution detected" [[ "$DISTRO" = fedora ]] && echo "Fedora distribution detected"
[[ "$DISTRO" = rhel ]] && echo "RHEL distribution detected"
[[ "$DISTRO" = ol ]] && echo "Oracle Linux distribution detected"
[[ "$DISTRO" = centos ]] && echo "CentOS distribution detected"
[[ "$DISTRO" = openEuler ]] && echo "OpenEuler distribution detected"
clean_cache clean_cache
@ -758,7 +762,13 @@ else
rpmbuild -D "_topdir $RPMTOPDIR" -bp --nodeps "--target=$(uname -m)" "$RPMTOPDIR"/SPECS/kernel$ALT.spec 2>&1 | logger || rpmbuild -D "_topdir $RPMTOPDIR" -bp --nodeps "--target=$(uname -m)" "$RPMTOPDIR"/SPECS/kernel$ALT.spec 2>&1 | logger ||
die "rpmbuild -bp failed. you may need to run 'yum-builddep kernel' first." die "rpmbuild -bp failed. you may need to run 'yum-builddep kernel' first."
mv "$RPMTOPDIR"/BUILD/kernel-*/linux-* "$KERNEL_SRCDIR" 2>&1 | logger || die if [[ "$DISTRO" = openEuler ]]; then
# openEuler has two directories with the same content after 'rpm -D'
# openEuler 21.09 has linux-* and linux-*-source while openEuler 20.03 has linux-* and linux-*-Source
mv "$RPMTOPDIR"/BUILD/kernel-*/linux-*[sS]ource "$KERNEL_SRCDIR" 2>&1 | logger || die
else
mv "$RPMTOPDIR"/BUILD/kernel-*/linux-* "$KERNEL_SRCDIR" 2>&1 | logger || die
fi
rm -rf "$RPMTOPDIR" rm -rf "$RPMTOPDIR"
rm -rf "$KERNEL_SRCDIR/.git" rm -rf "$KERNEL_SRCDIR/.git"
@ -768,7 +778,11 @@ else
echo "$ARCHVERSION" > "$VERSIONFILE" || die echo "$ARCHVERSION" > "$VERSIONFILE" || die
[[ -z "$CONFIGFILE" ]] && CONFIGFILE="$KERNEL_SRCDIR/configs/kernel$ALT-$KVER-$ARCH.config" if [[ "$DISTRO" = openEuler ]]; then
[[ -z "$CONFIGFILE" ]] && CONFIGFILE="/boot/config-${ARCHVERSION}"
else
[[ -z "$CONFIGFILE" ]] && CONFIGFILE="$KERNEL_SRCDIR/configs/kernel$ALT-$KVER-$ARCH.config"
fi
(cd "$KERNEL_SRCDIR" && make mrproper 2>&1 | logger) || die (cd "$KERNEL_SRCDIR" && make mrproper 2>&1 | logger) || die
@ -826,6 +840,9 @@ fi
# shellcheck disable=SC1090 # shellcheck disable=SC1090
source "$CONFIGFILE" source "$CONFIGFILE"
[[ "$DISTRO" = openEuler ]] && [[ -z "$CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY" ]] && \
die "openEuler kernel doesn't have 'CONFIG_LIVEPATCH_PER_TASK_CONSISTENCY' enabled"
[[ -z "$CONFIG_DEBUG_INFO" ]] && die "kernel doesn't have 'CONFIG_DEBUG_INFO' enabled" [[ -z "$CONFIG_DEBUG_INFO" ]] && die "kernel doesn't have 'CONFIG_DEBUG_INFO' enabled"
# Build variables - Set some defaults, then adjust features # Build variables - Set some defaults, then adjust features

13
test/integration/lib.sh
View File

@ -116,6 +116,19 @@ kpatch_centos_dependencies()
sudo yum remove -y epel-release sudo yum remove -y epel-release
} }
kpatch_openEuler_dependencies()
{
local kernel_version
local arch
kernel_version=$(uname -r)
arch=$(uname -m)
sudo yum install -y make gcc patch bison flex openssl-devel dwarves \
rpm-build dnf-plugins-core python3-devel openssl-devel ncurses-devel elfutils-libelf-devel
sudo yum install -y "kernel-source-${kernel_version%.*}" \
"kernel-debuginfo-${kernel_version%.*}" "kernel-devel-${kernel_version%.*}"
}
kpatch_dependencies() kpatch_dependencies()
{ {
# shellcheck disable=SC1091 # shellcheck disable=SC1091